How Hvisk stays safe.

We assume an adversary that can read every SMS in transit, every packet at the relayer, and every transaction on Solana. The adversary cannot break Groth16 SNARKs, Ed25519 signatures, or extract keys from a hardware-backed iOS Keychain or Android Keystore. Under those assumptions, Hvisk reveals nothing about the amount, balance, or recipient identity of a Full-privacy transfer.

Ed25519 over Curve25519 for signatures. Groth16 on the BN254 curve for zero-knowledge proofs. Poseidon hash for circuit-friendly commitments. AES-256-GCM for off-chain message encryption between the device, gateway, and prover.

All four contracts (HviskPrivacyPool, FHERC20, HviskFacilitator, DepositRouter) and the proving circuits are scheduled for independent audits before mainnet launch. Reports will be published on the audits page in their full form.

We pay up to $250 000 for critical vulnerabilities in the privacy pool, the prover circuits, or the SMS gateway. Email security@hvisk.app with a clear reproduction. Please do not file public issues.

Standard 90-day window from first contact. We will not pursue legal action against good-faith researchers who follow this policy.